Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/5KLY-hA2VTGjgjTW6kGGM2pfzIE.roa
File: 5KLY-hA2VTGjgjTW6kGGM2pfzIE.roa (raw, json)
Hash identifier: sHrXTXqG/UQ10U9QPLJE42DrINUWk/1e2YpPkb6BXyQ=
Subject key identifier: E4:A2:D8:FA:10:36:55:31:A3:82:34:D6:EA:41:86:33:6A:5F:CC:81
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 019150FEC69AFB5635CF23FC00725D312C6C
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/5KLY-hA2VTGjgjTW6kGGM2pfzIE.roa
Signing time: Wed 14 Aug 2024 13:05:59 +0000
ROA not before: Wed 14 Aug 2024 13:05:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5518
IP address blocks: 62.63.128.0/21 maxlen: 24
62.63.136.0/22 maxlen: 24
62.63.144.0/20 maxlen: 24
62.63.159.0/24 maxlen: 24
62.63.160.0/19 maxlen: 24
62.63.190.0/24 maxlen: 24
62.63.191.0/24 maxlen: 24
78.28.192.0/18 maxlen: 24
78.28.195.0/24 maxlen: 24
78.28.197.0/24 maxlen: 24
78.28.211.0/24 maxlen: 24
78.28.212.0/24 maxlen: 24
78.28.223.0/24 maxlen: 24
78.28.228.0/24 maxlen: 24
78.28.229.0/24 maxlen: 24
78.28.234.0/24 maxlen: 24
78.28.240.0/24 maxlen: 24
78.28.244.0/24 maxlen: 24
78.28.250.0/24 maxlen: 24
78.28.252.0/24 maxlen: 24
78.154.128.0/19 maxlen: 24
80.233.128.0/17 maxlen: 24
80.233.140.0/24 maxlen: 24
80.233.168.0/24 maxlen: 24
80.233.200.0/21 maxlen: 24
80.233.232.0/24 maxlen: 24
80.233.244.0/24 maxlen: 24
185.87.204.0/22 maxlen: 24
185.87.204.0/24 maxlen: 24
194.19.224.0/19 maxlen: 24
194.19.224.0/24 maxlen: 24
194.19.246.0/24 maxlen: 24
213.175.64.0/18 maxlen: 24
213.175.75.0/24 maxlen: 24
213.175.117.0/24 maxlen: 24
2a02:16d8::/32 maxlen: 32
2a02:16d8:102::/48 maxlen: 48
2a02:16d8:104::/48 maxlen: 48
2a02:16d8:107::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:fe:c6:9a:fb:56:35:cf:23:fc:00:72:5d:31:2c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Aug 14 13:05:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4a2d8fa10365531a38234d6ea4186336a5fcc81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0c:50:bc:3e:b3:a4:36:43:a9:09:ad:96:a9:
2b:33:78:bd:5a:b2:ba:59:6e:b9:30:2d:ea:fd:86:
76:1d:33:2b:63:07:8c:cb:8e:38:8a:42:00:f5:5d:
6b:1a:31:68:f5:8d:6a:3a:b1:64:a2:94:8e:a2:a7:
df:df:24:1d:c9:2f:df:e7:c4:56:ac:3e:5a:72:d8:
1e:88:fc:30:8c:10:d8:4d:76:e8:38:64:56:09:72:
d0:67:5b:19:52:9f:f3:3d:d8:db:74:ed:78:39:65:
37:fd:2d:24:fe:c5:68:15:41:8c:a9:b4:b7:26:29:
d3:eb:eb:f9:de:aa:52:fa:d2:ae:5c:24:6b:d0:b9:
71:1a:cb:9e:fa:22:0d:18:61:51:28:ed:4a:43:55:
c7:b0:aa:9c:16:a7:88:88:b3:8f:ca:5d:6d:42:5b:
c6:b8:ad:70:bf:50:af:d1:1d:71:fc:95:6f:97:15:
f9:8c:65:d6:8c:79:9a:8f:1f:d1:0e:e8:aa:0b:4a:
88:d2:d6:1c:fb:78:38:53:79:65:40:bb:56:53:66:
f8:f5:9c:ab:e8:34:4b:29:f1:f3:de:74:b1:8b:72:
f5:14:4e:37:18:1c:49:79:e4:b5:a5:7a:a1:7f:dc:
5f:90:7f:56:9d:ea:90:90:bf:5c:ad:4b:b1:06:12:
65:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A2:D8:FA:10:36:55:31:A3:82:34:D6:EA:41:86:33:6A:5F:CC:81
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/5KLY-hA2VTGjgjTW6kGGM2pfzIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.63.128.0-62.63.139.255
62.63.144.0-62.63.191.255
78.28.192.0/18
78.154.128.0/19
80.233.128.0/17
185.87.204.0/22
194.19.224.0/19
213.175.64.0/18
IPv6:
2a02:16d8::/32
Signature Algorithm: sha256WithRSAEncryption
3c:41:8b:4f:51:10:7a:c0:d8:42:7f:47:96:b2:1b:a1:16:af:
a9:e9:98:0f:a4:da:4f:cb:db:8b:63:16:38:05:18:29:1d:45:
c1:d7:b9:eb:9c:cf:2e:cc:7d:e6:fe:2f:2a:a6:07:5b:07:d7:
21:9d:8c:34:04:8b:67:07:ad:19:62:e1:45:ad:22:7a:c6:d8:
bd:4d:58:4a:ec:bf:6f:19:b1:8c:8d:3f:6b:ff:d0:0d:bb:5c:
fe:33:b7:a1:a9:eb:ae:ce:49:c5:ba:23:0f:62:e6:d5:04:67:
0d:22:9b:33:ba:c7:ab:c8:ab:d0:f7:1d:85:13:08:4e:9a:0e:
7d:19:4d:89:30:b9:c9:70:23:f9:b1:04:50:33:2d:d1:e4:d9:
e3:0f:42:15:30:7d:33:00:0a:a5:38:f4:e6:47:c1:76:61:46:
0b:29:d3:a9:36:77:ea:2f:96:d8:b1:64:83:30:0e:13:3e:f6:
5b:6a:52:71:d2:bb:12:5a:09:90:ea:27:f7:4d:de:83:f0:0e:
78:aa:f2:14:c3:84:c6:ec:6b:56:18:3c:88:9a:bc:f7:5f:e5:
af:88:52:12:36:d8:57:d1:dc:d0:93:a7:b1:cc:13:53:35:a8:
18:2c:41:4e:7c:ef:ef:63:b0:3f:b1:0a:2a:2a:d9:91:3d:fe:
03:f0:43:54
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZFQ/saa+1Y1zyP8AHJdMSxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjQwODE0MTMwNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGEyZDhmYTEwMzY1NTMxYTM4MjM0ZDZlYTQxODYzMzZhNWZjYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgxQvD6zpDZDqQmtlqkrM3i9WrK6
WW65MC3q/YZ2HTMrYweMy444ikIA9V1rGjFo9Y1qOrFkopSOoqff3yQdyS/f58RW
rD5actgeiPwwjBDYTXboOGRWCXLQZ1sZUp/zPdjbdO14OWU3/S0k/sVoFUGMqbS3
JinT6+v53qpS+tKuXCRr0LlxGsue+iINGGFRKO1KQ1XHsKqcFqeIiLOPyl1tQlvG
uK1wv1Cv0R1x/JVvlxX5jGXWjHmajx/RDuiqC0qI0tYc+3g4U3llQLtWU2b49Zyr
6DRLKfHz3nSxi3L1FE43GBxJeeS1pXqhf9xfkH9WneqQkL9crUuxBhJlfQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFOSi2PoQNlUxo4I01upBhjNqX8yBMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvNUtMWS1oQTJWVEdqZ2pUVzZrR0dNMnBmeklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAc+P4AD
BAI+P4gwDAMEBD4/kAMEBj4/gAMEBk4cwAMEBU6agAMEB1DpgAMEArlXzAMEBcIT
4AMEBtWvQDANBAIAAjAHAwUAKgIW2DANBgkqhkiG9w0BAQsFAAOCAQEAPEGLT1EQ
esDYQn9HlrIboRavqemYD6TaT8vbi2MWOAUYKR1Fwde565zPLsx95v4vKqYHWwfX
IZ2MNASLZwetGWLhRa0iesbYvU1YSuy/bxmxjI0/a//QDbtc/jO3oanrrs5Jxboj
D2Lm1QRnDSKbM7rHq8ir0PcdhRMITpoOfRlNiTC5yXAj+bEEUDMt0eTZ4w9CFTB9
MwAKpTj05kfBdmFGCynTqTZ36i+W2LFkgzAOEz72W2pScdK7EloJkOon903eg/AO
eKryFMOExuxrVhg8iJq891/lr4hSEjbYV9Hc0JOnscwTUzWoGCxBTnzv72OwP7EK
KirZkT3+A/BDVA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:49 2024 by rpki-client on console-ams.rpki-client.org